<?php
namespace app\admin\controller;

use app\admin\model\AuthGroup as GroupModel;
use app\admin\model\AuthGroupAccess;
use app\admin\model\AuthRule;

class Auth extends Base
{
    /**
     * 检查权限
     * @param $name 需要验证的规则列表
     * @param $rule_id 认证用户的角色ID
     * @return bool
     */
    static public function checkRule($url, $rule_id)
    {
        if (empty($url) && $rule_id < 1) {
            exit('空，无需验证');
            return false;
        }
        if (self::checkNotcheck()) {
            return true;
        }
        //权限集
        $rule_list = getTableCache('auth_rule');
        //只有在权限集中的数据才会检测
        if (!in_array($url, array_column($rule_list, 'name'))) {
            //此链接不需要验证，直接通过
            return true;
        }
        $auth_group_key = 'auth_group:' . $rule_id;
        $redis = getRedis();
        $group_info = $redis->hGet($auth_group_key);
        if (empty($group_info)) {
            $group_info = GroupModel::getInstance()->find($rule_id);
            if (empty($group_info)) {
                exit('用户组不存在' . $auth_group_key);
                return false;
            }
            $redis->hMset($auth_group_key, $group_info->toArray());
        }

        $rule_id = 0;
        //可能存在相同链接只有参数不一样的情况，
        foreach ($rule_list as $item) {
            if (strtolower($item['name']) == $url) {
                if (empty($item['condition'])) {
                    //无参数，则通过
                    $rule_id = $item['id'];
                    break;
                }
                list($param_key, $param_value) = explode('=', $item['condition']);
                //参数
                $param = app('request')->param();
                if (isset($param[$param_key]) && $param[$param_key] == $param_value) {
                    $rule_id = $item['id'];
                    break;
                }
            }
        }
        return in_array($rule_id, explode(',', $group_info['rules']));
    }


    static public function checkUser($name, $userid)
    {
        if (empty($name) && $userid < 1) {
            return false;
        }
        if (self::checkNotcheck()) {
            return true;
        }
        $access_info = AuthGroupAccess::getInstance()->where(['uid' => $userid])->find();
        if (empty($access_info)) {
            return false;
        }
        $auth_group_key = 'auth_group:' . $access_info['group_id'];
        $redis = getRedis();
        $group_info = $redis->hGet($auth_group_key);
        if (empty($group_info)) {
            $group_info = GroupModel::getInstance()->find($access_info['group_id']);
            if (empty($group_info)) {
                return false;
            }
            $redis->hMset($auth_group_key, $group_info->toArray());
        }
        $group_info['user_id'] = $access_info['uid'];
        $group_info['group_id'] = $access_info['group_id'];
        $group_info = self::getGroupInfo($userid);
        if (empty($group_info)) {
            return false;
        }
        $rule_list = getTableCache('auth_rule');
        $rule_id = 0;
        $name = strtolower($name);
        foreach ($rule_list as $item) {
            if ($name == strtolower($item['name'])) {
                $rule_id = $item['id'];
                continue;
            }
        }
        return in_array($rule_id, explode(',', $group_info['rules']));
    }

    /**
     * 免检测链接
     * @return bool
     */
    static public function checkNotcheck()
    {
        if (in_array(strtolower(app('request')->controller()), ['index'])) {
            return true;
        }
        return false;
    }
}